0f59bcb7d9094950a0cb2599e601aa1e5e476898c1f3501885bd59a6933f39d2_unpacked

Sharing

Copy URL Twitter E-mail

Reason

config extraction: Ramnit: ramnit: unsupported cfgtype 7

General

Target

0f59bcb7d9094950a0cb2599e601aa1e5e476898c1f3501885bd59a6933f39d2_unpacked
Size

104KB
MD5

002444b6eb649ddf205808caa5348d78
SHA1

373cf1c4f4700f684e9a698e59c2bf3417fc1b63
SHA256

835494aab397d1d7bbcd3123906690297d724137903ea5ada3665512e3ea526f
SHA512

4732c81bae2dba523dc2d966a687519a802afe3ca9e3f78a191829e87eb411e68b3ca8ff31a745ec017abfdd5ea2dfe1cdb3002411d5b5b2e93a45ab347adfd6
SSDEEP

1536:TAA/HuPDpPEYWU9F1oRK97In4xXnW6RY5pZvCLYbr:TAr+Y1/5G6yCLYb

Score

N/A

Malware Config

Signatures

Files

0f59bcb7d9094950a0cb2599e601aa1e5e476898c1f3501885bd59a6933f39d2_unpacked
.dll windows x86

258a62f95e68ccf1210924b33c15478e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTickCount
GetVersionExA
GlobalFree
GlobalReAlloc
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenEventA
OpenMutexA
OpenProcess
PeekNamedPipe
Process32First
Process32Next
ReadFile
GetProcAddress
ResetEvent
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetNamedPipeHandleState
Sleep
TerminateProcess
TryEnterCriticalSection
UnlockFileEx
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeA
WideCharToMultiByte
WriteFile
WriteFileEx
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyW
lstrcpynA
lstrlenA
lstrlenW
GetPrivateProfileStringA
GetOverlappedResult
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetFileSize
GetEnvironmentVariableA
GetCurrentProcessId
GetCurrentProcess
FindNextFileA
GetComputerNameA
FindFirstFileA
FindClose
ExpandEnvironmentStringsA
ExitProcess
EnterCriticalSection
DisconnectNamedPipe
DeviceIoControl
DeleteFileA
DeleteCriticalSection
CreateToolhelp32Snapshot
CreateThread
CreateProcessA
CreateNamedPipeA
CreateMutexA
CreateFileW
CreateFileMappingA
CreateFileA
CreateEventA
CreateDirectoryA
CopyFileA
ConnectNamedPipe
ReleaseMutex
CloseHandle
GlobalAlloc

ws2_32

listen
ioctlsocket
recv
htons
select
send
getsockname
getpeername
gethostbyname
connect
closesocket
bind
accept
__WSAFDIsSet
WSAStartup
WSAGetLastError
WSACleanup
socket
inet_addr

user32

GetIconInfo
GetDesktopWindow
GetWindowDC
DrawTextA
DrawIcon
wsprintfA
GetWindowRect
LoadCursorA
ReleaseDC
ExitWindowsEx

advapi32

CloseServiceHandle
AdjustTokenPrivileges
ControlService
DeleteService
EnumDependentServicesA
GetUserNameA
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
OpenServiceA
QueryServiceStatusEx
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
ChangeServiceConfigA

shell32

ShellExecuteA

gdi32

CreateCompatibleDC
DeleteDC
DeleteObject
GdiFlush
SelectObject
SetBkColor
SetStretchBltMode
SetTextColor
StretchBlt
CreateDIBSection

ole32

CreateStreamOnHGlobal

Exports

Exports

_CryptoCheckSignMessage@24

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

Errors

General

Malware Config

Signatures

Files

258a62f95e68ccf1210924b33c15478e

Headers

File Characteristics

Imports

kernel32

ws2_32

user32

advapi32

shell32

gdi32

ole32

Exports

Exports

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 6KB - Virtual size: 12KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 6KB - Virtual size: 12KB

.reloc
Size: 2KB - Virtual size: 2KB